sfogliatelle
We Is Whut We Am
Premium
join:2002-05-29
Orlando, FL
|  do company servers know where you've been?
Pardon my naiveté in advance.
I have and use a number of programs/utilities on a regular basis to remove most all digital detritus which accumulates with ordinary browsing.
Not that I visit unsavory or questionable sites (I don't; really), but there are a few which may not be classified as 'work related'.
Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been?
My question is: short of server sabotage (and abstinence towards my fave links), what can I do to either minimize or mask my browsing? |
|
no_one
@QWEST.NET | Without your sabotage most likely nothing. If the server/ internet connection is setup correctly you are tracked. The tracking is not done by your computer so you could destroy your desktop and the record will still exist. |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| reply to sfogliatelle
Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been? I can tell which users have been visiting porn sites, by checking the DNS query logs. Similarly, I can tell which users have been visiting anti-war sites.
I don't actually bother to do that. But the information is all there in the DNS query logs (assuming the DNS server is set to log queries).
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.1 |
|
WeenieBoy
join:2003-06-25
Pasadena, MD
·Verizon FIOS
 ·Comcast
| reply to sfogliatelle
Besides DNS, you may have a corporate proxy and are being tracked there. Of course you could use a public proxy to by pass the corporate one. That is detectable to. There are ways but all are detectable. Trying to bypass security will surely bring a more watchfull eye on you. |
|
dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL
·Verizon FIOS
| reply to sfogliatelle
said by sfogliatelle  :Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been? Yes. Every piece of equipment your bits pass through on their way out of the building is potentially in a position to log what you do. |
|
Kiwi
Premium
join:2003-05-26
USA
·Comcast
·Aristotle Internet
| said by dave :said by sfogliatelle :Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been? Yes. Every piece of equipment your bits pass through on their way out of the building is potentially in a position to log what you do. I'll back that up, on the whole reasonable use is acceptable and it should not haunt you. People sometimes find an unfiltered site and get out, the time stamp also reflects that lack of interest.
If you have workable 'Tools' and not an Admin, it's probably a poorly managed network. |
|
Kilroy
Premium,MVM
join:2002-11-21
Ann Arbor, MI | reply to sfogliatelle
If you go through a proxy server that requires authorization they know every dirty little secret, if they care to look.
--
When will the people realize that with DRM they aren't purchasing anything? |
|
Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
·Shaw
| reply to sfogliatelle
Does your company have an Acceptable Use Policy as it is possible every site your system goes to is logged (even Link Logger can do that).
My favorite AUP story was one company I was helping out had a very well written policy that every employee agreed and signed, but one day I was walking down the hall when I looked in one of the developers office there was some major hard core porn on his screen, so I asked him if that perhaps violated the AUP, and he said no, so I asked him to explain and he said it was his on his personal laptop and he was using an open wireless network connection from the apartment building next to our building so he was totally outside the agreement (he had even reconfigure that open wireless connection so he could use P2P software with it). Some people seem to have a hard time grasping the concept of a work environment, so the AUP was amended to handle use of personal or 'borrowed/stolen' hardware and network facilities within the company office (what you do on your time with your personal equipment and network connection is your business as long as it doesn't impact your job or work performance).
Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool |
|
angelique
Premium
join:2004-03-09
Alhambra, CA
| reply to sfogliatelle
I'm not in IT at the company I work for but I do know they monitor all traffic and actually prohibit access to certain sites. If you access a prohibited site (porn sites, video such as you tube, game sites) a message is displayed on your monitor with user name and internal IP address giving the reason for blocking you from the site. So yes, as previous posters have said, if setup correctly the company knows. We're not even allowed to use Firefox because of security flaws. |
|
sfogliatelle
We Is Whut We Am
Premium
join:2002-05-29
Orlando, FL
| reply to Kiwi
The tool I mainly use is CrapCleaner, and not for covering my tracks. Compared to what Windows offers, it's light years faster and more efficient. There are more than a few cookies I choose to save with it.
At work I do run as an Admin; installing, uninstalling, etc.
Unlike the network I'm on when I perform Reserve duty (government network: lotsa no-nos there), I get no warnings nor alerts if I attempt to navigate on to potentially questionable sites. Which is just fine with me, as I've read too many horror stories on this forum here of what an unthinking, errant click can do. |
|
sfogliatelle
We Is Whut We Am
Premium
join:2002-05-29
Orlando, FL
| reply to angelique
So far, there's not been a single mention made of the non-work related sites I go to. Heck, for all I know, the boss doesn't have the tech savvy to read the server log files.
And besides, I'd put my computer up against any other in the building for running lean, mean and clean. Being a frequent reader of the forums here has taught me more than a thing or two about 'puter security and housekeeping. |
|
DracoFelis
Premium
join:2003-06-15
| reply to sfogliatelle
said by sfogliatelle :Even though I take the sanitizing steps I do, am I deluding my self by presuming that the boss can't determine where I've been? Yes, you are deluding yourself.
Assuming normal business level networking equipment, they can monitor/log as much of the traffic as they want to. And it doesn't matter how much you "clean" your PC, as the easiest place to monitor such traffic is at the network level (which you presumably don't control, even if you "control" your own work PC).
Now I'm not saying you are being monitored in this way, just that you easily could be.
NOTE: Another user mentioned that every site you visit (even if you only visit that site by IP address, and don't do a DNS lookup) can be monitored if your company uses an internet "proxy". However, while that might make the monitoring slightly easier, its not really necessary for their to be a "proxy" for you to be monitored, as a LOT of business level networking equipment has good "logging" abilities. As just one example of this, most companies are connected to the internet by one or more routers, and many routers have the ability to log date/time, and both internet addresses (for every single packet going over that router link). And while that might not technically tell a company it was you, they will know that on such and such a time your PC (identified by IP address) visited a specific location on the internet (and what that location was). And again, this is being done at the NETWORK LEVEL, so any "cleaning up of the PC" won't erase the evidence.
said by sfogliatelle :My question is: short of server sabotage (and abstinence towards my fave links), what can I do to either minimize or mask my browsing? I suppose you could use a VPN to some other server not under the company's control. By doing that, you are encrypting your traffic, so they can't sniff the details.
OTOH that might not help you much, as their network logs will still be able to tell (possibly very easily) that you are setting up a VPN to a non-work server, and (while the VPN will mask the actual traffic contents) network monitoring can even tell approximately how much traffic is going over that VPN link (they presumably didn't "authorize" you to make).
Bottom line, the people that control the network can easily watch what goes over those network links. And if you are using your network link to violate the rules of your job, they are within their rights to use that evidence against you (as justification for firing you, for example). I'm not saying they will use this info against you (or even that they are monitoring things that much, as such things vary a lot between companies), just that they can easily do this level of internet monitoring if they wish. |
|
norky
Premium
join:2002-12-02
Lithia, FL | reply to sfogliatelle
A good sysadmin will not only know where you've been, he'll know what you've been running to hide where you've been. |
|
avd706
insert annoying animated gif here
Premium
join:2003-02-06
Union, NJ | reply to sfogliatelle
No only that, but the logs can be kept forever, so if you bring attention to yourself,they can research what you have been doing.
The best defense against corporate logging is a small laptop and a evdo card (in someone else's name) |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
 ·Callcentric
·RoadRunner Cable
·AT&T CallVantage
3 edits | reply to sfogliatelle
There are several good monitoring applications out there - Websense is one. Watchguard, Wavecrest and other vendors also have excellent reporting tools. None require any information from the client PCs caches or logs, so removing them from your PC would not have any effect on the ability to monitor, log, classify and report your browsing when done on a company (or other) network that's not under your own control.
--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis |
|
Maccawolf
Premium
join:2001-02-20
Hillsdale, NJ
| reply to sfogliatelle
Let's take this one step further. I'll start by saying that I go NOWHERE that impacts my job, or hinders my performance at work, I don't do anything illegal, I just don't need others snooping.
I use a flash drive and FF rather than IE which my company provides. They can still monitor that, right?
--
Mom and Crockett...... I miss you both! |
|
MacGyver
Bell Sucks
Premium,ExMod 2003-05
join:2001-10-14
Orleans, ON | Yes. |
|
Matt
Take me down to the paradise city
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..
| reply to sfogliatelle
said by sfogliatelle :So far, there's not been a single mention made of the non-work related sites I go to. They probably don't have a reason to check the logs for your traffic yet, but if it's government related, I can almost guarantee they have requirements to keep records for 3+ years. I was involved with state government many years ago and even then, we had requirements. We had to bust a guy for child porn (from a work computer no less, what a brainiac) and we had a record of everything he did. We reconstructed what NNTP groups he visited, the subject of most of his email/NNTP postings, as well as what web sites he visited. It was labor intensive, but this was also 1999. There are tool that AUTOMATE all this now ... for free. (Wireshark anyone?)
It doesn't matter what you do on the client computer to cover your tracks. They know that IP Address zzz.zzz.zzz.zzz was assigned to computer ABCD on date 1/1/2008 and on date 1/1/2008 computer ABCD visited sites XYZ.
The worst part is, even if you visit www.funnystuff.com and they advertise for www.pornsite.com, it could look like you visited www.pornsite.com if advertisements are served from the www.pornsite.com webserver.
Bottom line, if you're not prepared to justify the sites you visit (you're not going to get fired for visiting cnn.com, but you may for www.funnyjokes.com) or are not prepared to lose your job for visiting such sites, don't.
--
Linux Haters Unite! |
|
Matt
Take me down to the paradise city
Premium
join:2003-07-20
Jamestown, NC
·North State Commun..
| reply to Maccawolf
said by Maccawolf :Let's take this one step further. I'll start by saying that I go NOWHERE that impacts my job, or hinders my performance at work, I don't do anything illegal, I just don't need others snooping. I use a flash drive and FF rather than IE which my company provides. They can still monitor that, right? Just as easily. And if Firefox isn't an approved application, you just gave the sysadmin a VERY easy way to filter the logs. I'm sure your sysadmin will smile when he realizes that. 
--
Linux Haters Unite! |
|
caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
Spokane, WA
·WebBand
1 edit | reply to sfogliatelle
Why is this a topic?
He's doing stuff he knows he should not be doing on COMPANY time. He just wants an out.
Welcome to why the rest of the G8 world is kicking our corporate asses, if not buying it outright from under us.
We have no work ethic anymore.
End of story.
And, OP, if you think you are smarter than the sysAd's..try doing their job for a day.
G'Day and GL, keep that resume polished.
-CaFF
--
My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages |
|
